Data Diodes for Transportation and Logistics
Cybersecurity Challenges Faced by Transportation Infrastructure
What are the cybersecurity threats to transportation infrastructure?
Transportation infrastructure from trains to cargo ships and the materials they carry need to keep moving to meet the supply chain demands of the world’s economies. Like other critical industries, supply chain infrastructure is subject to various cybersecurity threats, including ransomware attacks that disrupt services and demand payment, distributed denial of service (DDoS) attacks that overwhelm systems, and advanced persistent threats (APTs) that leave operators vulnerable to cyber-attacks.
-
Maritime - Port authorities, terminal operators, shipping companies, shipbuilding companies, and more, all of which are at risk of cyberattack. The attack surface expands as traditional ships migrate to Maritime Autonomous Surface Ships (MASS), putting maritime OT assets (such as SCADA, HVAC, SafeSeaNet, and GPS systems) at risk of being compromised, which could result in significant shipment delays or stolen goods.
-
Air - Access and departure control systems, cargo handling equipment, flight traffic management systems, Airplane Information Management Systems (AIMS), and Aircraft Communications Addressing and Reporting Systems (ACARS) are all at risk of being compromised.
-
Rail – Potential targets include Automatic Train Protection (ATP), control and command systems, Driver Advisory Systems (DAS), the wayside equipment beside railroad tracks that provides vehicle positions and speeds, as well as other network related equipment like serial servers, and the control centers for railway operations that are responsible for receiving critical railway-information in real-time, utilizing SCADA systems.
-
Trucking – The industry is susceptible to cyberattacks on critical vehicle functionality systems, such as the controller area network bus (CAN), which is responsible for accessing firmware for engine, braking, or acceleration electronic control units. If a vehicle that’s connected to the Internet via cellular doesn’t have segmentation or other security measures taken for these systems, entire fleets could be impacted by cyberattack.
As the threat landscape evolves and cybercriminals become more sophisticated, shippers must remain vigilant in protecting their systems and data from cyber-attacks, which is why OT cybersecurity should be a top priority for your operations.
How do data diodes support transportation infrastructure?
Earlier this year, the TSA issued new cybersecurity requirements for freight railroad carriers, which include requirements for monitoring and network segmentation policies, access control measures, and patching critical cyber systems. Data diodes can help with each of these requirements, as they enable network segmentation and real-time monitoring simultaneously, prevent remote access to systems that don’t need to be accessible from the Internet, and protect assets that haven’t been patched for a long time (and likely will remain unpatched for years to come). Network segmentation is also becoming a recommended practice for electric vehicles, specifically OT and IT networks responsible for access control and charging equipment, per NIST IR 8473, a cybersecurity Framework Profile developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem.
Data diodes are the ideal way to segment, protect, and monitor the OT systems, remote enterprise networks, and digital twins supporting transportation infrastructure
Case Study – Protecting Ships at Sea from Cyberattack Using Fend’s Data Diodes
An international marine integration and service company needed to know what was happening in the engine rooms of client’s ships but could not take the risk of operational disruption from cyberattacks. Each day one of its vessels was docked was potentially a day of lost revenue and diminished reputation.
The company trusts Fend’s one-way communication diodes to send real-time AMCS signals from their engine rooms, BCS, EMS and on-board security systems at sea to their shore-based operations centers so service can be planned in advance before ships enter a port. Since two-way ship-board satcoms are vulnerable, data diodes can segment and secure operational data systems from other personal crew communications use. The client was able to safely integrate real-time operational data into its centralized control center while reducing OT network threat vectors by sharing data with maintenance teams on shore, saving time and money.
Benefits of Using Data Diodes for Transportation
For many years, one-way communication diodes (also known as data diodes) were too costly to deploy at scale for transportation solutions. Now, the same technology that protects nuclear power plants and oil refineries is affordable for marine vessels and other transportation assets, allowing secure real-time analytics to keep precious cargo moving. This is because our data diodes add an extra layer of physical security that blocks 100% of all inbound traffic and requires no security patches or maintenance, offering the same level of security as a physical air gap for remote access without the vulnerabilities.
Fend’s easy-to-deploy hardware brings data diode protection to shippers at a fraction of the price of traditional solutions. Fend enables visibility across the rest of the value chain, allowing real-time analytics, flow-rate modeling, predictive maintenance, and secure ship-to-shore information.
Fend’s unidirectional gateway hardware physically protects you from cyberattack. Fend diodes feature:
● No hidden fees or licenses. All supported protocols are included with the purchase.
● No need for custom external servers or software.
● Built from the ground up as a cost-effective solution for monitoring industrial equipment.
● Made in the USA.
Fend data diodes come equipped with onboard protocol support for common industrial and OT/IT protocols like Modbus RTU/TCP, FTP, FTPS, UDP and TCP/IP. Setting up a diode is as easy as logging in to the Fend Configuration Tool, selecting your protocols, entering some basic information.
Enhance Manufacturing Infrastructure Cybersecurity with Fend’s Data Diodes
Maritime shippers and logistic services companies rely on Fend's data diode technology to strengthen cybersecurity measures. Enhance your systems and physically protect your industrial control systems with Fend data diodes. Realize the benefits of complete network segmentation, freedom from security patches, and hassle-free operation. Fend's offerings provide access to remote data with the security of a physical air gap.